Tag

Office

4 briefs RSS

Microsoft Word Use-After-Free Vulnerability CVE-2026-23657

CVE-2026-23657 is a use-after-free vulnerability in Microsoft Office Word allowing a local attacker to execute arbitrary code with user privileges.

use-after-free code-execution office cve-2026-23657

2r 1t 1c 2w ago

medium advisory

Suspicious WMI Image Load from MS Office

2 rules 1 TTP

Adversaries may exploit Windows Management Instrumentation (WMI) to execute code stealthily, bypassing traditional security measures by loading `wmiutils.dll` from Microsoft Office applications, potentially indicating malicious execution.

WINWORD.EXE +4 wmi image load office execution

2r 1t Jan 9, 2024

medium advisory

Persistence via Visual Studio Tools for Office (VSTO) Add-ins

2 rules 1 TTP

The Visual Studio Tools for Office (VSTO) add-ins can be abused by attackers to establish persistence in Microsoft Office applications by modifying registry keys.

Microsoft Office +1 persistence office vsto

2r 1t Jan 3, 2024

medium advisory

MS Office Macro Security Registry Modifications

2 rules 2 TTPs

Attackers may modify Microsoft Office registry settings related to macro security (AccessVBOM, VbaWarnings) to disable security warnings, enabling malicious macros for persistence and further compromise.

Microsoft Office office macro registry defense-evasion windows

2r 2t Jan 2, 2024